CN106452752A - Method and system of modifying cipher, client, server and smart device - Google Patents
Method and system of modifying cipher, client, server and smart device Download PDFInfo
- Publication number
- CN106452752A CN106452752A CN201610931829.2A CN201610931829A CN106452752A CN 106452752 A CN106452752 A CN 106452752A CN 201610931829 A CN201610931829 A CN 201610931829A CN 106452752 A CN106452752 A CN 106452752A
- Authority
- CN
- China
- Prior art keywords
- data
- random number
- password
- new
- key data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
Abstract
The invention is suitable for the technical field of communication, and provides a method and system of modifying a cipher, a client, a server and a smart device. The method of modifying a cipher includes the following steps: a client acquires a new cipher or key data; after receiving a command, of acquiring a randomized number, sent from a server, a smart device generates a randomized number and then caches the randomized number and sends the randomized number to the client through the server; according to the old cipher or key data, the randomized number and the new cipher or key data, the client obtains the new cipher or key data cryptograph; and after the smart device receives the command message of a first modification cipher generated from the server, the smart device decrypts the command message of the first modification cipher according to the old cipher or key data and the randomized number to obtain the new cipher or key data which is obtained through decryption, and then uses the new cipher data obtained through decryption to replace the old cipher data or uses the new key data obtained through decryption to replace the old key data. The method and system of modifying a cipher, the client, the server and the smart device can avoid leakage of key data.
Description
Technical field
The invention belongs to communication technical field, more particularly, to a kind of method of Modify password, system and client, server
And smart machine.
Background technology
User cipher is used to the identity of operator is confirmed, is generally possible to provide correct user cipher to be quilt
It is considered validated user, it is possible to obtain operating right corresponding with user cipher.In use, user can be according to oneself
Needs the Old Password pre-setting is revised as new password.
However, in realizing process of the present invention, inventor finds that the method for the Modify password that prior art provides at least is deposited
In following problem:
During user's registration, by the Old Password of user setup, in plain text or Old Password ciphertext is saved in server.Client will
The corresponding new password of new password of user input is in plain text or new password ciphertext is after line transmission is to server, and server is used
Described new password is in plain text or described new password ciphertext replaces Old Password plaintext or Old Password ciphertext.
The mode of this kind of Modify password, Old Password is in plain text or Old Password ciphertext is saved in server database, and services
Leak in the data base administration of device or storage dangerous, database data may be led to reveal, occur Old Password bright
Literary composition or Old Password the leakage of password event, and, in Modify password, transmit on the line is new password plaintext or Xinmi City
The corresponding new key data of code, therefore new password is easily stolen.In a word, the method for the Modify password that prior art provides may
Password is led to reveal the generation of event.
Content of the invention
In view of this, the embodiment of the present invention provides a kind of method of Modify password, system and client, server and intelligence
Equipment, may lead to password to reveal event with the method solving the problems, such as the Modify password of prior art offer.
In a first aspect, provide a kind of method of Modify password, Old Password data or old key data to be stored in intelligence setting
In standby, methods described includes:
Client sends and obtains RANDOM NUMBER request to server;
Server generates, according to the described RANDOM NUMBER request that obtains, the order obtaining random number, and is forwarded described by client
The order obtaining random number is to smart machine;
Smart machine generates random number according to the described order obtaining random number, caches described random number, generates and comprise institute
State the random number response data of random number, and described random number response data is forwarded to server by client;
Server parses described random number from described random number response data, and sends described random number to client
End;
Client obtains new password data or new key data and Old Password data or new key data, and according to described old
Code data or old key data, described random number and described new password data or new key data, obtain new password data close
Literary composition or new key data ciphertext, and the first new password data of described new password data ciphertext or new key data ciphertext will be included
Ciphertext or the first new key data ciphertext send to server;
Server generates the first Modify password according to described first new password data ciphertext or the first new key data ciphertext
Command message, and the command message of described first Modify password is forwarded to smart machine by client;
Smart machine enters to the command message of described first Modify password according to described Old Password data or old key data
Row deciphering, obtains deciphering the new password data obtaining or new key data, and the new password data being obtained with described deciphering replaces institute
State Old Password data or the new key data described old key data of replacement being obtained with described deciphering.
Further, new password data or new key data and Old Password data or old cipher key number are obtained in described client
According to afterwards, also include:
Described new password data conversion is become new key data by client, and described Old Password data conversion is become old cipher key number
According to.
Further, described client is according to described Old Password data or old key data, described random number and described new
Code data or new key data, obtain new password data ciphertext or new key data ciphertext includes:
Client is disperseed with random number with Old Password data or old key data, obtains the first temporary key data;
Client new password data or new key data described in described first temporary key data encryption, obtain described new
Code data ciphertext or new key data ciphertext.
Further, in described client according to described Old Password data or old key data, described random number and described
New password data or new key data, after obtaining new password data ciphertext or new key data ciphertext, also include:
Client obtains random number ciphertext with random number described in described first temporary key data encryption;And/or
Client is carried out to described new password data ciphertext or new key data ciphertext with described first temporary key data
Message authentication is calculated a Mac result;
Described first new password data ciphertext or the first new key data ciphertext also include random number ciphertext, and/or, first
Mac result;
Described described first new password data ciphertext or the first new key data ciphertext are sent to server after, also
Including:
Server is according to described new password data ciphertext or new key data ciphertext, described random number ciphertext and/or described
First Mac result generates the command message of the second Modify password, and the command message of described second Modify password is passed through client
End is forwarded to smart machine.
Further, in described smart machine according to described Old Password data or old key data and described random number to institute
The command message stating the first Modify password is decrypted, after obtaining deciphering the new password data obtaining or new key data, also
Including:
Smart machine described Old Password data or old key data and the described random number dispersion of caching, obtain second and face
When key data;
Smart machine described second temporary key data the command message of described second Modify password is included with
Machine number ciphertext is decrypted, and obtains the random number that described deciphering obtains;And/or
It is new that the described second temporary key data of smart machine includes to the command message of described second Modify password
Code data ciphertext or new key data ciphertext carry out message discriminating, obtain described 2nd Mac result.
Further, described smart machine according to described Old Password data or old key data and described random number to described
The command message of the first Modify password is decrypted, and obtains deciphering the new password data obtaining or new key data includes:
Smart machine is included with the command message of the first Modify password described in described second temporary key data deciphering
New ciphertext password or new key data ciphertext, obtain new password data or new key data that described deciphering obtains.
Further, in described smart machine according to described Old Password data or old key data and described random number to institute
The command message stating the first Modify password is decrypted, after obtaining deciphering the new password data obtaining or new key data, also
Including:
The described random number of the random number that described deciphering is obtained by smart machine and caching is compared and/or by described the
Two Mac results are compared with a described Mac result, if unanimously, the new password data being obtained with described deciphering is replaced
Described new password data or the new key data being obtained with described deciphering replace described old key data.
Further, described Old Password data or old key data are stored in the safety chip of smart machine.
On the other hand, a kind of client, Old Password data or old key data is provided to be stored in smart machine, described
Client includes:
RANDOM NUMBER request sending module, obtains RANDOM NUMBER request to server for sending;
Obtain random number order sending module, the order of the acquisition random number generating for forwarding server sets to intelligence
Standby, the described order obtaining random number is to be generated according to the RANDOM NUMBER request that obtains that client sends;
Random number response data forwarding module, for forwarding random number response data to server, wherein, smart machine root
Generate random number according to the described order obtaining random number, after caching described random number, generate the random number comprising described random number
Response data;
Random number receiver module, for the reception server parse from described random number response data described random
Number;
New password or key data ciphertext sending module, for according to described Old Password data or old key data, described
Random number and described new password data or new key data, obtain new password data or new key data ciphertext, and by described bag
Include the first new password data ciphertext or the first new key data ciphertext of described new password data ciphertext or new key data ciphertext
Send to server;
First Modify password packet forwarding module, for the command message of the first Modify password is forwarded to smart machine,
With close to described first Modify password according to described Old Password data or old key data and described random number by smart machine
Make message be decrypted, obtain deciphering the new password data obtaining or new key data, Xinmi City's yardage being obtained with described deciphering
The new key data obtained according to the described Old Password data of replacement or with described deciphering replaces described old key data, wherein, clothes
Business device generates the command message of the first Modify password according to described new password data ciphertext or new key data ciphertext.
Further, described client also includes:
Modular converter, for described new password data conversion is become new key data, described Old Password data conversion is become
Old key data.
Further, new password or key data ciphertext sending module include:
Dispersal unit, for being disperseed with random number with Old Password data or old key data, obtains the first temporary key number
According to;
Ciphering unit, for new password data or new key data described in described first temporary key data encryption, obtaining
To new password data ciphertext or new key data ciphertext.
Further, described client also includes:
Random number ciphertext generation module, for obtaining random number with random number described in described first temporary key data encryption
Ciphertext;And/or
First Mac result-generation module, for described first temporary key data to described new password data ciphertext or
New key data ciphertext carries out message authentication and is calculated a Mac result;
Described first new password data ciphertext or the first new key data ciphertext also include random number ciphertext, and/or, first
Mac result;
Described client also includes:
Second Modify password packet forwarding module, sets for the command message of described second Modify password is forwarded to intelligence
Standby, by server according to described new password data ciphertext or new key data ciphertext, described random number ciphertext and/or described first
Mac result generates the command message of the second Modify password.
Another further aspect, provides a kind of server, Old Password data or old key data to be stored in smart machine, described
Server includes:
Request receiving module, for receiving the acquisition RANDOM NUMBER request of client transmission;
Obtain random number order sending module, for the life obtaining random number is generated according to the described RANDOM NUMBER request that obtains
Order, and the described order obtaining random number is forwarded to smart machine by client;
Random number response data receiver module, for receiving the random number response data of client forwarding, wherein, intelligently sets
Standby random number is generated according to the described order obtaining random number, after caching described random number, generate comprise described random number with
Machine number response data;
Random number sending module, for parsing described random number from described random number response data, and sends described
Random number is to client;
New password or key data ciphertext receiver module, for receiving new data password or the new key number of client transmission
According to ciphertext, wherein, client according to described Old Password data or old key data, described random number and described new password data or
New key data, obtains new key data ciphertext;
First Modify password message sending module, for according to described new password data ciphertext or the life of new key data ciphertext
Become the command message of the first Modify password, and the command message of described first Modify password be forwarded to intelligence by client to set
Standby, with by smart machine according to described Old Password data or old key data and described random number to described first Modify password
Secret order message is decrypted, and obtains deciphering the new password data obtaining or new key data, the new password being obtained with described deciphering
Data replaces described Old Password data or the new key data described old key data of replacement being obtained with described deciphering.
Further, described first new password data ciphertext or the first new key data ciphertext also include random number ciphertext,
And/or, a Mac result, described server also includes:
Second Modify password message sending module, for according to described new password data ciphertext or new key data ciphertext,
Described random number ciphertext and/or the command message of described Mac result generation second Modify password, and described second is changed
The command message of password is forwarded to smart machine by client;
Wherein, client is according to described Old Password data or old key data, described random number and described new password data
Or new key data, obtain random number ciphertext and/or a Mac result.
Another aspect, provides a kind of smart machine, Old Password data or old key data to be stored in described smart machine,
Described smart machine includes:
Obtain random number Order receiver module, for receiving the order of the acquisition random number forwarding by client, wherein,
The described order obtaining random number is that server generates according to the RANDOM NUMBER request that obtains that client sends;
Random number response data sending module, for generating random number according to the described order obtaining random number, caches institute
State random number, generate the random number response data comprising described random number, and described random number number of responses is forwarded by client
According to server;
First Modify password message receiver module, the first Modify password life being forwarded by client for the reception server
The message of order, wherein, server parses described random number from described random number response data, and sends described random number extremely
After client, client is according to described Old Password data or old key data, described random number and described new password data or new
Key data, obtains new password data ciphertext or new key data ciphertext, and by described inclusion described new password data ciphertext or
First new password data ciphertext of new key data ciphertext or the first new key data ciphertext send to server, server according to
Described new password data ciphertext or the command message of new key data ciphertext described first Modify password of generation;
Password modified module, for the life to described first Modify password according to described Old Password data or old key data
Make message be decrypted, obtain deciphering the new password data obtaining or new key data, Xinmi City's yardage being obtained with described deciphering
The new key data obtained according to the described Old Password data of replacement or with described deciphering replaces described old key data.
Further, described first new password data ciphertext or the first new key data ciphertext also include random number ciphertext,
And/or, a Mac result, described smart machine also includes:
Second Modify password message receiver module, the second Modify password life being forwarded by client for the reception server
The message of order, wherein, server parses described random number from described random number response data, and sends described random number extremely
After client, client is according to described Old Password data or old key data, described random number and described new password data or new
Key data, obtains new password data ciphertext or new key data ciphertext, random number ciphertext and/or a Mac result, and by institute
State new password data ciphertext or new key data ciphertext, random number ciphertext and/or a Mac result send to server, service
Device generates the command message of described second Modify password according to described new password data ciphertext or new key data ciphertext;
Dispersed modules, for described Old Password data or old key data and the described random number dispersion of caching, obtaining
Second temporary key data;
Random nnrber decryption module, for wrapping in the command message to the second Modify password for the described second temporary key data
The random number ciphertext including is decrypted, and obtains the random number that described deciphering obtains;And/or
Message identification module, for in the command message to described second Modify password for the described second temporary key data
Including new password data or new key data ciphertext carry out message discriminating, obtain described 2nd Mac result.
Further, described Password modified module includes:
New key data decryption unit, for the life with the first Modify password described in described second temporary key data deciphering
Make the new password data ciphertext that message includes or new key data ciphertext, obtain the new password data or new that described deciphering obtains
Key data.
Further, described Password modified module also includes:
Comparing unit, the random number for obtaining described deciphering is compared with the described random number caching and/or will
Described 2nd Mac result and a described Mac result are compared, if unanimously, Xinmi City's yardage of being obtained with described deciphering
The new key data obtained according to the described Old Password data of replacement or with described deciphering replaces described old key data.
Further, described Old Password data or old key data are stored in the safety chip of smart machine.
Another further aspect, provides a kind of system of Modify password, and described system includes client as above, as mentioned above
Server and smart machine as above.
The beneficial effect that the embodiment of the present invention compared with prior art exists is:The embodiment of the present invention is passed through Old Password number
According to or old key data be stored in smart machine, without storage in the server, and on the line without carrying out Old Password number
According to or old key data transmission, Old Password data or the leakage of old key data can be avoided.In addition, in Modify password,
Using random number, new password data or new key data are encrypted, transmit on the line is to comprise new password data or new
The random number of code data corresponding new key data, therefore new password data or new key data are to be transmitted with the mode of ciphertext
It is not easy to be stolen so that the transmission of password or key data is safer, overcome prior art offer modification
The method of password may lead to password to reveal the problem of event.
Brief description
For the technical scheme being illustrated more clearly that in the embodiment of the present invention, below will be to embodiment or description of the prior art
In required use accompanying drawing be briefly described it should be apparent that, drawings in the following description be only the present invention some
Embodiment, for those of ordinary skill in the art, without having to pay creative labor, can also be according to these
Accompanying drawing obtains other accompanying drawings.
Fig. 1 is the flowchart of the method for Modify password that first embodiment of the invention provides;
Fig. 2 is the structured flowchart of the client that second embodiment of the invention provides;
Fig. 3 is the structured flowchart of the server that third embodiment of the invention provides;
Fig. 4 is the structured flowchart of the smart machine that fourth embodiment of the invention provides;
Fig. 5 is the structured flowchart of the system of Modify password that fifth embodiment of the invention provides.
Specific embodiment
In order that the objects, technical solutions and advantages of the present invention become more apparent, below in conjunction with drawings and Examples, right
The present invention is further elaborated.It should be appreciated that specific embodiment described herein is only in order to explain the present invention, and
It is not used in the restriction present invention.
It should be noted that the executive agent of the embodiment of the present invention includes server, client and smart machine.Wherein,
C/S (Client/Server) structure, i.e. client-server structure, client can be met between client and server
Can also meet B/S (Browser/Server) structure between server, i.e. browser and server structure, in addition, client
End can be mobile phone or computer etc., and here is all not construed as limiting.
Below in conjunction with specific embodiment, the realization of the present invention is described in detail:
Embodiment one
Fig. 1 show the embodiment of the present invention one provide the method for Modify password realize flow process, details are as follows:
In step S101, client sends and obtains RANDOM NUMBER request to server.
In embodiments of the present invention, client can generate an acquisition RANDOM NUMBER request, and actively sends described acquisition
RANDOM NUMBER request is to server.
In step s 102, server generates, according to the described RANDOM NUMBER request that obtains, the order obtaining random number, and passes through
Client forwards the described order obtaining random number to smart machine.
In embodiments of the present invention, the acquisition RANDOM NUMBER request life that server can send according to client in step S101
Become to obtain the order of random number, and the described order obtaining random number is forwarded to smart machine by client.
In step s 103, smart machine generates random number according to the described order obtaining random number, and caching is described random
Number, generates the random number response data comprising described random number, and forwards described random number response data to clothes by client
Business device.
In embodiments of the present invention, the life of the acquisition random number that smart machine can forward according to client in step S102
Order generates random number, caches described random number, generates the random number response data comprising described random number, and is turned by client
Send out random number response data described to server.
In step S104, server parses described random number from described random number response data, and sends described
Random number is to client.
In embodiments of the present invention, server can first from step S103 client forward random number response data in
Parse the random number that in step S103, smart machine generates, retransmit described random number to client.
In step S105, client obtains new password data or new key data and Old Password data or old cipher key number
According to, and according to described Old Password data or old key data, described random number and described new password data or new key data, obtain
To new password data ciphertext or new key data ciphertext, and described new password data ciphertext or new key data ciphertext will be included
First new password data ciphertext or the first new key data ciphertext send to server.
In embodiments of the present invention, user inputs new password data by client, and client receives user input
After new password data, described new password data conversion can be become new key data corresponding with described new password data, specifically
The described method changed can be cryptographic calculation or Hash computing etc., is become described new password data conversion using which kind of mode
New key data corresponding with described new password data, is not limited in the embodiment of the present invention.
New password data conversion is become after new key data corresponding with described new password data, client obtains Old Password
Data or old key data, described Old Password data or old key data are that user inputs in client, are stored in intelligence and set
In standby.
After getting Old Password data or old key data, client according to described Old Password data or old key data,
Described random number and described new password data or new key data, obtain new password data ciphertext or new key data ciphertext, and
The first new password data ciphertext or the first new key data of described new password data ciphertext or new key data ciphertext will be included
Ciphertext sends to server.Specifically, client is according to described Old Password data, described random number and described new password data,
Obtain new password data ciphertext;Or, client according to described old key data, described random number and described new key data,
The mode obtaining new key data ciphertext can have multiple choices.As key, encrypt described Old Password data as with random number
With described new password data, obtain new password data ciphertext;Or, with random number and described Old Password data as key, plus
Close described new password data, obtains new password data ciphertext;Or, with random number as key, encrypt described old key data
With described new key data, obtain new key data ciphertext;Or, with random number and described old key data as key, plus
Close described new key data, obtains new key data ciphertext.The present embodiment is to obtaining new password data ciphertext or new key number
Mode according to ciphertext is not limited.
Preferably, after getting Old Password data or old key data, client first uses Old Password data or old cipher key number
Disperse according to random number, obtain the first temporary key data;Again with Xinmi City's yardage described in described first temporary key data encryption
According to or new key data, obtain described new password data ciphertext or new key data ciphertext;Then with described first temporary key
Random number described in data encryption obtains described random number ciphertext and/or with described first temporary key data to described Xinmi City yardage
Carry out message according to ciphertext or new key data ciphertext to differentiate to be calculated a described Mac result;Finally by described Xinmi City yardage
Send to server according to ciphertext or new key data ciphertext, described random number ciphertext and/or a described Mac result.
In step s 106, server generates the first modification according to described new password data ciphertext or new key data ciphertext
The command message of password, and the command message of described first Modify password is forwarded to smart machine by client.
In embodiments of the present invention, server first generates the according to described new password data ciphertext or new key data ciphertext
Then the command message of described first Modify password is sent to intelligence by client and sets by the command message of one Modify password
Standby.
Preferably, server can first wrap according in described first new password data ciphertext or the first new key data ciphertext
The new password data ciphertext including or new key data ciphertext, described random number ciphertext and/or a described Mac result generate second
Then the command message of described second Modify password is sent to smart machine by client by the command message of Modify password.
In step s 107, smart machine according to described Old Password data or old key data and described random number to described
The command message of the first Modify password is decrypted, and obtains deciphering the new password data obtaining or new key data, uses described solution
The close new password data described Old Password data of replacement obtaining or the new key data replacement being obtained with described deciphering are described old
Key data.
In embodiments of the present invention, smart machine first obtains Old Password data or old key data from local, then with described
The new password data ciphertext or new that Old Password data or old key data include to the command message of described first Modify password
Key data ciphertext is decrypted, and obtains new password data or new key data that described deciphering obtains, and is deciphered with described
To new password data replace described Old Password data or the new key data that obtained with described deciphering replaces described old key
Data, to realize the modification of password.
Preferably, smart machine first obtains Old Password data or old key data from local, then with described Old Password data
Or the random number ciphertext that old key data includes to the command message of described second Modify password is decrypted, obtain described solution
The close random number obtaining and/or smart machine are first divided with the described random number of caching with described Old Password data or old key data
Dissipate, obtain the second temporary key data, then the command message to described second Modify password with described second temporary key data
The new password data ciphertext including or new key data ciphertext carry out message discriminating, obtain described 2nd Mac result.
Consistent with the described random number of caching or tie in a Mac result and the 2nd Mac in the random number that obtains of deciphering
When fruit is consistent, the new password data that just can be obtained with described deciphering is replaced described Old Password data or is obtained with described deciphering
New key data replace old key data, realize the modification of password.
Wherein, the random number that obtains of deciphering is consistent with the described random number of caching or in a Mac result and the 2nd Mac
When result is consistent, illustrate that new password data or new key data are not modified, and Old Password data or old key data be correctly,
Then Old Password data can be replaced or with deciphering the new key data old key data of replacement obtaining with new password data;Otherwise
New password data is described or new key data be modified or Old Password data or old key data incorrect.
It should be noted that Mac result obtains according to new password data ciphertext or new key data cryptogram computation, such as
The value of fruit new password data ciphertext or new key data ciphertext is modified or incorrect, and the Mac result obtaining is just not yet
The same, therefore there is anti-tamper function.
Preferably, Old Password data or old key data are stored in the safety chip of smart machine, and this safety chip is
Through the safety chip of the close certification of state and the certification of associated safety department, Old Password data or old key data are stored in described safety
In the safe space of chip, the data that user reads this safe space can be limited, user can only be obtained by way of certification,
And described Old Password data or old key data can not be obtained by other any modes.
Preferably, number of retries can be set, when the random number that obtains of deciphering is consistent with the described random number caching or
When a Mac result and the 2nd Mac result are inconsistent, smart machine can successively decrease the number of retries of password, and sends password
Modification failure response message is to server;Otherwise, recover number of retries, and carry out next step operation.
By the embodiment of the present invention, Old Password data or old key data can be stored in smart machine, without depositing
Storage in the server, and on the line without the transmission carrying out Old Password data or old key data, can avoid Old Password number
According to or old key data leakage.In addition, in Modify password, being carried out to new password data or new key data using random number
Encryption, transmit on the line is the random number comprising new password data or new password data corresponding new key data, therefore
New password data or new key data be with the mode of ciphertext transmit it is not easy to be stolen so that password or cipher key number
According to transmission safer, the method overcoming the Modify password of prior art offer may lead to password to reveal the asking of event
Topic.
In addition, Old Password data or old key data are stored in the safety chip of smart machine so that user can not be led to
Any mode of other outside the mode of Modify password of crossing gets old key data, further increases Old Password data or old
The safety of key data storage.
It should be understood that in embodiments of the present invention, the size of the sequence number of above-mentioned each process is not meant to the elder generation of execution sequence
Afterwards, the execution sequence of each process should be determined with its function and internal logic, and should not be to the implementation process structure of the embodiment of the present invention
Become any restriction.
One of ordinary skill in the art will appreciate that realizing all or part of step in the various embodiments described above method is can
Completed with the hardware instructing correlation by program, corresponding program can be stored in a computer read/write memory medium
In, described storage medium, such as ROM/RAM, disk or CD etc..
Embodiment two
Fig. 2 shows the concrete structure block diagram of the client that the embodiment of the present invention two provides, and for convenience of description, only illustrates
The part related to the embodiment of the present invention.This client 2 constitutes the system of Modify password together with smart machine, server,
Wherein, Old Password data or old key data are stored in smart machine, and this client 2 includes:RANDOM NUMBER request sending module
21st, random number order sending module 22, random number response data forwarding module 23, random number receiver module 24, new password are obtained
Or key data ciphertext sending module 25 and the first Modify password packet forwarding module 26.
Wherein, RANDOM NUMBER request sending module 21, obtains RANDOM NUMBER request to server for sending;
Obtain random number order sending module 22, the order of the acquisition random number generating for forwarding server sets to intelligence
Standby, the described order obtaining random number is to be generated according to the RANDOM NUMBER request that obtains that client sends;
Random number response data forwarding module 23, for forwarding random number response data to server, wherein, smart machine
Random number is generated according to the described order obtaining random number, after caching described random number, generates and comprise the random of described random number
Number response data;
Random number receiver module 24, for the reception server parse from described random number response data described random
Number;
New password or key data ciphertext sending module 25, for obtaining new password data or new key data and Old Password
Data or old key data, and according to described Old Password data or old key data, described random number and described new password data
Or new key data, obtain new password data ciphertext or new key data ciphertext, and will include described new password data ciphertext or
First new password data ciphertext of new key data ciphertext or the first new key data ciphertext send to server;
First Modify password packet forwarding module 26, sets for the command message of the first Modify password is forwarded to intelligence
Standby, with by smart machine according to the secret order message of described Modify password with described new password data replace described Old Password data or
Person replaces described old key data with described new key data, and wherein, server is according to described new password data ciphertext or Xinmi City
Key data ciphertext generates the command message of the first Modify password.
Described client also includes:
Modular converter, for described new password data conversion is become new key data, described Old Password data conversion is become
Old key data.
Specifically, described new key data transmission blocks 25 include:
Dispersal unit, for being disperseed with random number with new password data or old key data, obtains the first temporary key number
According to;
Ciphering unit, for new password data or new key data described in described first temporary key data encryption, obtaining
To new password data ciphertext or new key data ciphertext.
Further, described client 2 also includes:
Random number ciphertext generation module, for obtaining random number with random number described in described first temporary key data encryption
Ciphertext;And/or
First Mac result-generation module, for described first temporary key data to described new password data or Xinmi City
Key data ciphertext carries out message authentication and is calculated a Mac result;
Described first new password data ciphertext or the first new key data ciphertext also include random number ciphertext, and/or, first
Mac result;
Second Modify password packet forwarding module, sets for the command message of described second Modify password is forwarded to intelligence
Standby, wherein, server is according to described new password data ciphertext or new key data ciphertext, described random number ciphertext and/or described
First Mac result generates the command message of the second Modify password.
Client provided in an embodiment of the present invention can be applied in aforementioned corresponding embodiment of the method one, and details are referring to upper
State the description of embodiment one, will not be described here.
Embodiment three
Fig. 3 shows the concrete structure block diagram of the server that the embodiment of the present invention three provides, and for convenience of description, only illustrates
The part related to the embodiment of the present invention.This server 3 constitutes the system of Modify password together with client, smart machine,
Wherein, Old Password data or old key data are stored in smart machine, and this server 3 includes:Request receiving module 31, obtain
Take random number order sending module 32, random number response data receiver module 33, random number sending module 34, new password or key
Data ciphertext receiver module 35 and the first Modify password message sending module 36.
Wherein, request receiving module 31, for receiving the acquisition RANDOM NUMBER request of client transmission;
Obtain random number order sending module 32, for the life obtaining random number is generated according to the described RANDOM NUMBER request that obtains
Order, and the described order obtaining random number is forwarded to smart machine by client;
Random number response data receiver module 33, for receiving the random number response data of client forwarding, wherein, intelligence
Equipment generates random number according to the described order obtaining random number, after caching described random number, generates and comprises described random number
Random number response data;
Random number sending module 34, for parsing described random number from described random number response data, and sends institute
State random number to client;
New password or key data ciphertext receiver module 35, for receiving the first new password data ciphertext of client transmission
Or the first new key data ciphertext, wherein, client is according to described Old Password data or old key data, described random number and institute
State new password data or new key data, obtain the described first Xinmi City's yardage including described new password data or new key data
According to ciphertext or the first new key data ciphertext;
First Modify password message sending module 36, for according to described new password data ciphertext or new key data ciphertext
Generate the command message of the first Modify password, and the command message of described first Modify password is forwarded to intelligence by client
Equipment, with by smart machine according to described Old Password data or old key data and described random number to described first Modify password
Secret order message be decrypted, obtain deciphering the new password data obtaining or new key data, the Xinmi City being obtained with described deciphering
Code data replaces described Old Password data or the new key data described old key data of replacement being obtained with described deciphering.
Further, described first new password data ciphertext or the first new key data ciphertext also include random number ciphertext,
And/or, a Mac result;
Described server 3 also includes:
Second Modify password message sending module, for according to described new password data ciphertext or new key data ciphertext,
Described random number ciphertext and/or the command message of described Mac result generation second Modify password, and described second is changed
The command message of password is forwarded to smart machine by client.
Server provided in an embodiment of the present invention can be applied in aforementioned corresponding embodiment of the method one, and details are referring to upper
State the description of embodiment one, will not be described here.
Example IV
Fig. 4 shows the concrete structure block diagram of the smart machine that the embodiment of the present invention four provides, and for convenience of description, only shows
Go out the part related to the embodiment of the present invention.What this smart machine 4 constituted Modify password together with client, server is
System, wherein, old key data is stored in smart machine 4, and this smart machine 4 includes:Acquisition random number Order receiver module 41,
Random number response data sending module 42, the first Modify password message receiver module 43 and Password modified module 44.
Wherein, obtain random number Order receiver module 41, for receiving the life of the acquisition random number forwarding by client
Order, wherein, the described order obtaining random number is that server generates according to the RANDOM NUMBER request that obtains that client sends;
Random number response data sending module 42, for generating random number, caching according to the described order obtaining random number
Described random number, generates the random number response data comprising described random number, and forwards described random number response by client
Data is to server;
First Modify password message receiver module 43, the first Modify password being forwarded by client for the reception server
The message of order, wherein, server parses described random number from described random number response data, and sends described random number
To client, client according to described Old Password data or old key data, described random number and described new password data or
New key data, obtains new password data ciphertext or new key data ciphertext, and includes described new password data ciphertext by described
Or the first new password data ciphertext of new key data ciphertext or the first new key data ciphertext send to server, server root
Generate the command message of described first Modify password according to described first new password data ciphertext or the first new key data ciphertext;
Password modified module 44, for according to described Old Password data or old key data and described random number to described
The command message of one Modify password is decrypted, and obtains deciphering the new password data obtaining or new key data, uses described deciphering
The new password data obtaining is replaced described Old Password data or is replaced described old cipher key number with deciphering the new key data obtaining
According to.
Further, described smart machine 4 also includes:
Second Modify password message receiver module, the second Modify password life being forwarded by client for the reception server
The message of order, wherein, server parses described random number from described random number response data, and sends described random number extremely
After client, client is according to described Old Password data or old key data, described random number and new password data or new key
Data, obtains new password data ciphertext or new key data ciphertext, random number ciphertext and/or a Mac result, and will be described new
Code data ciphertext or new key data ciphertext, random number ciphertext and/or a Mac result send to server, server root
Generate described second according to described new password data ciphertext or new key data ciphertext, random number ciphertext and/or a Mac result to repair
Change the command message of password;
Dispersed modules, for described Old Password data or old key data and the described random number dispersion of caching, obtaining
Second temporary key data;
Random nnrber decryption module, for wrapping in the command message to the second Modify password for the described second temporary key data
The random number ciphertext including is decrypted, and obtains the random number that described deciphering obtains;And/or
Message identification module, for in the command message to described second Modify password for the described second temporary key data
Including new password data ciphertext or new key data ciphertext carry out message discriminating, obtain described 2nd Mac result.
Further, described Password modified module includes:
New key data decryption unit, for the life with the first Modify password described in described second temporary key data deciphering
Make the new password data ciphertext that message includes or new key data ciphertext, obtain the new password data or new that described deciphering obtains
Key data.
Further, described Password modified module also includes:
Comparing unit, the random number for obtaining described deciphering is compared with the described random number caching and/or will
Described 2nd Mac result and a described Mac result are compared, if unanimously, Xinmi City's yardage of being obtained with described deciphering
The new key data obtained according to the described Old Password data of replacement or with described deciphering replaces described old key data.
Further, described Old Password data or old key data are stored in the safety chip of smart machine.
Smart machine provided in an embodiment of the present invention can be applied in aforementioned corresponding embodiment of the method one, details referring to
The description of above-described embodiment one, will not be described here.
Embodiment five
Fig. 5 shows the concrete structure block diagram of the system of Modify password that the embodiment of the present invention five provides, for the ease of saying
Bright, illustrate only the part related to the embodiment of the present invention.The system 5 of this Modify password includes the clothes as described in embodiment three
Client described in business device, embodiment two and the smart machine described in example IV.Wherein, server and client connect
Connect, both can be with direction communication;Smart machine and client connect, and smart machine is communicated with server by client.
Described in the work visible embodiment one to four of interaction between specific service device, client and smart machine, will not be described here.
Those of ordinary skill in the art are it is to be appreciated that combine the list of each example of the embodiments described herein description
Unit and algorithm steps, being capable of being implemented in combination in electronic hardware or computer software and electronic hardware.These functions are actually
To be executed with hardware or software mode, the application-specific depending on technical scheme and design constraint.Professional and technical personnel
Each specific application can be used different methods to realize described function, but this realization is it is not considered that exceed
The scope of the present invention.
Those skilled in the art can be understood that, for convenience and simplicity of description, the system of foregoing description,
Device and the specific work process of unit, may be referred to the corresponding process in preceding method embodiment, will not be described here.
It should be understood that disclosed system, apparatus and method in several embodiments provided herein, permissible
Realize by another way.For example, device embodiment described above is only schematically, for example, described unit
Divide, only a kind of division of logic function, actual can have other dividing mode when realizing, for example multiple units or assembly
Can in conjunction with or be desirably integrated into another system, or some features can be ignored, or does not execute.Another, shown or
The coupling each other discussing or direct-coupling or communication connection can be by some interfaces, the indirect coupling of device or unit
Close or communicate to connect, can be electrical, mechanical or other forms.
The described unit illustrating as separating component can be or may not be physically separate, show as unit
The part showing can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple
On NE.The mesh to realize this embodiment scheme for some or all of unit therein can be selected according to the actual needs
's.
In addition, can be integrated in a processing unit in each functional unit in each embodiment of the present invention it is also possible to
It is that unit is individually physically present it is also possible to two or more units are integrated in a unit.
If described function realized using in the form of SFU software functional unit and as independent production marketing or use when, permissible
It is stored in a computer read/write memory medium.Based on such understanding, technical scheme is substantially in other words
Partly being embodied in the form of software product of part that prior art is contributed or this technical scheme, this meter
Calculation machine software product is stored in a storage medium, including some instructions with so that a computer equipment (can be individual
People's computer, server, or network equipment etc.) execution each embodiment methods described of the present invention all or part of step.
And aforesaid storage medium includes:USB flash disk, portable hard drive, read only memory (ROM, Read-Only Memory), random access memory are deposited
Reservoir (RAM, Random Access Memory), magnetic disc or CD etc. are various can be with the medium of store program codes.
The above, the only specific embodiment of the present invention, but protection scope of the present invention is not limited thereto, and any
Those familiar with the art the invention discloses technical scope in, change or replacement can be readily occurred in, all should contain
Cover within protection scope of the present invention.Therefore, protection scope of the present invention should described be defined by scope of the claims.
Claims (20)
1. a kind of method of Modify password is it is characterised in that Old Password data or old key data are stored in smart machine,
Methods described includes:
Client sends and obtains RANDOM NUMBER request to server;
Server generates, according to the described RANDOM NUMBER request that obtains, the order obtaining random number, and forwards described acquisition by client
The order of random number is to smart machine;
Smart machine generates random number according to the described order obtaining random number, caches described random number, generate comprise described with
The random number response data of machine number, and described random number response data is forwarded to server by client;
Server parses described random number from described random number response data, and sends described random number to client;
Client obtains new password data or new key data and Old Password data or old key data, and according to described Old Password
Data or old key data, described random number and described new password data/new key data, obtain new password data ciphertext or new
Key data ciphertext, and by include described new password data ciphertext or new key data ciphertext the first new password data ciphertext or
First new key data ciphertext sends to server;
Server generates the life of the first Modify password according to described first new password data ciphertext or the first new key data ciphertext
Make message, and the command message of described first Modify password is forwarded to smart machine by client;
Smart machine life to described first Modify password according to described Old Password data or old key data and described random number
Make message be decrypted, obtain deciphering the new password data obtaining or new key data, Xinmi City's yardage being obtained with described deciphering
The new key data obtained according to the described Old Password data of replacement or with described deciphering replaces described old key data.
2. the method for claim 1 is it is characterised in that obtain new password data or new key data in described client
After Old Password data or old key data, also include:
Described new password data conversion is become new key data by client, and described Old Password data conversion is become old key data.
3. the method for claim 1 is it is characterised in that described client is according to described Old Password data or old cipher key number
According to, described random number and described new password data or new key data, obtain new password data ciphertext or new key data ciphertext
Including:
Client is disperseed with random number with Old Password data or old key data, obtains the first temporary key data;
Client new password data or new key data described in described first temporary key data encryption, obtain described new password
Data or new key data ciphertext.
4. method as claimed in claim 3 is it is characterised in that in described client according to described Old Password data or old key
Data, described random number and described new password data or new key data, obtain new password data or new key data ciphertext it
Afterwards, also include:
Client obtains random number ciphertext with random number described in described first temporary key data encryption;And/or
Client carries out message with described first temporary key data to described new password data ciphertext or new key data ciphertext
Authentication calculations obtain a Mac result;
Described first new password data ciphertext or the first new key data ciphertext also include random number ciphertext, and/or, a Mac
Result;
The first new password data ciphertext or first of described new password data ciphertext or new key data ciphertext will be included described
New key data ciphertext sends to after server, also includes:
Server is according to described new password data ciphertext or new key data ciphertext, described random number ciphertext and/or described first
Mac result generates the command message of the second Modify password, and the command message of described second Modify password is turned by client
It is sent to smart machine.
5. method as claimed in claim 4 is it is characterised in that in described smart machine according to described Old Password data or old close
Key data and described random number are decrypted to the command message of described first Modify password, obtain deciphering Xinmi City's yardage obtaining
According to or new key data after, also include:
Smart machine described Old Password data or old key data and the described random number dispersion of caching, obtain second temporarily close
Key data;
The random number that smart machine is included to the command message of described second Modify password with described second temporary key data
Ciphertext is decrypted, and obtains the random number that described deciphering obtains;And/or
The new password that smart machine is included to the command message of described second Modify password with described second temporary key data
Data ciphertext or new key data ciphertext carry out message discriminating, obtain described 2nd Mac result.
6. method as claimed in claim 5 is it is characterised in that described smart machine is according to described Old Password data or old key
Data and described random number are decrypted to the command message of described first Modify password, obtain deciphering the new password data obtaining
Or new key data includes:
Xinmi City that smart machine is included with the command message of the first Modify password described in described second temporary key data deciphering
Code data ciphertext or new key data ciphertext, obtain new password data or new key data that described deciphering obtains.
7. method as claimed in claim 5 is it is characterised in that in described smart machine according to described Old Password data or old close
Key data and described random number are decrypted to the command message of described first Modify password, obtain deciphering Xinmi City's yardage obtaining
According to or new key data after, also include:
The described random number of the random number that described deciphering is obtained by smart machine and caching is compared and/or by described second
Mac result is compared with a described Mac result, if unanimously, the new password data being obtained with described deciphering replaces institute
State Old Password data or the new key data described old key data of replacement being obtained with described deciphering.
8. the method for claim 1 is it is characterised in that described Old Password data or old key data are stored in intelligent setting
In standby safety chip.
9. a kind of client is it is characterised in that Old Password data or old key data are stored in smart machine, described client
End includes:
RANDOM NUMBER request sending module, obtains RANDOM NUMBER request to server for sending;
Obtain random number order sending module, the order of the acquisition random number generating for forwarding server is to smart machine, institute
The order stating acquisition random number is to be generated according to the RANDOM NUMBER request that obtains that client sends;
Random number response data forwarding module, for forwarding random number response data to server, wherein, smart machine is according to institute
State the order generation random number obtaining random number, after caching described random number, generate the random number response comprising described random number
Data;
Random number receiver module, the described random number parsing from described random number response data for the reception server;
New password or key data ciphertext sending module, for obtaining new password data and Old Password data, and according to described old
Code data or old key data, described random number and described new password data or new key data, obtain new password data close
Literary composition or new key data ciphertext, and the first new password data of described new password data ciphertext or new key data ciphertext will be included
Ciphertext or the first new key data ciphertext send to server;
First Modify password packet forwarding module, for the command message of the first Modify password is forwarded to smart machine, with by
Smart machine secret order report to described first Modify password according to described Old Password data or old key data and described random number
Literary composition is decrypted, and obtains deciphering the new password data obtaining or new key data, and the new password data being obtained with described deciphering
Replace described Old Password data or the new key data described old key data of replacement being obtained with described deciphering, wherein, service
Device generates the command message of the first Modify password according to described new password data ciphertext new key data ciphertext.
10. client as claimed in claim 9 is it is characterised in that described client also includes:
Modular converter, for described new password data conversion is become new key data, described Old Password data conversion is become old close
Key data.
11. clients as claimed in claim 9 are it is characterised in that new key data ciphertext sending module includes:
Dispersal unit, for being disperseed with random number with Old Password data or old key data, obtains the first temporary key data;
Ciphering unit, for new password data or new key data described in described first temporary key data encryption, obtaining new
Code data ciphertext or new key data ciphertext.
12. clients as claimed in claim 11 are it is characterised in that described client also includes:
Random number ciphertext generation module, close for obtaining random number with random number described in described first temporary key data encryption
Literary composition;And/or
First Mac result-generation module, for described first temporary key data to described new password data ciphertext or Xinmi City
Key data ciphertext carries out message authentication and is calculated a Mac result;
Described first new password data ciphertext or the first new key data ciphertext also include random number ciphertext, and/or, a Mac
Result;
Described client also includes:
Second Modify password packet forwarding module, for the command message of described second Modify password is forwarded to smart machine,
By server according to described new password data ciphertext or new key data ciphertext, described random number ciphertext and/or a described Mac
Result generates the command message of described second Modify password.
A kind of 13. servers it is characterised in that Old Password data or old key data are stored in smart machine, described clothes
Business device includes:
Request receiving module, for receiving the acquisition RANDOM NUMBER request of client transmission;
Obtain random number order sending module, for the order obtaining random number is generated according to the described RANDOM NUMBER request that obtains, and
The described order obtaining random number is forwarded to smart machine by client;
Random number response data receiver module, for receiving the random number response data of client forwarding, wherein, smart machine root
Generate random number according to the described order obtaining random number, after caching described random number, generate the random number comprising described random number
Response data;
Random number sending module, for parsing described random number from described random number response data, and sends described random
Number is to client;
New password or key data ciphertext receiver module, for receiving the first new password data ciphertext or first of client transmission
New key data ciphertext, wherein, client is according to described Old Password data or old key data, described random number and described Xinmi City
Code data or new key data, obtain new password data ciphertext or new key data ciphertext, and will include described new password data
First new password data ciphertext of ciphertext or new key data ciphertext or the first new key data ciphertext send to server;
First Modify password message sending module, for generating the according to described new password data ciphertext or new key data ciphertext
The command message of one Modify password, and the command message of described first Modify password is forwarded to smart machine by client,
With close to described first Modify password according to described Old Password data or old key data and described random number by smart machine
Make message be decrypted, obtain deciphering the new password data obtaining or new key data, and the new password being obtained with described deciphering
Data replaces described Old Password data or the new key data described old key data of replacement being obtained with described deciphering.
14. servers as claimed in claim 13 are it is characterised in that described first new password data ciphertext or the first new key
Data ciphertext also includes random number ciphertext, and/or, a Mac result, described server also includes:
Second Modify password message sending module, for according to described new password data ciphertext or new key data ciphertext, described
Random number ciphertext and/or a described Mac result generate the command message of the second Modify password, and by described second Modify password
Command message smart machine is forwarded to by client.
A kind of 15. smart machines it is characterised in that Old Password data or old key data are stored in described smart machine,
Described smart machine includes:
Obtain random number Order receiver module, for receiving the order of the acquisition random number forwarding by client, wherein, described
The order obtaining random number is that server generates according to the RANDOM NUMBER request that obtains that client sends;
Random number response data sending module, for random number is generated according to the described order obtaining random number, caching described with
Machine number, generates the random number response data comprising described random number, and forwards described random number response data extremely by client
Server;
First Modify password message receiver module, the first Modify password order being forwarded by client for the reception server
Message, wherein, server parses described random number from described random number response data, and sends described random number to client
Behind end, client is according to described Old Password data or old key data, described random number and described new password data or new key
Data, obtains new password data ciphertext or new key data ciphertext, and will include described new password data ciphertext or new key number
The first new password data ciphertext or the first new key data ciphertext according to ciphertext send to server, and server is according to described Xinmi City
Code data ciphertext or the command message of new key data ciphertext described first Modify password of generation;
Password modified module, for the order report to described first Modify password according to described Old Password data or old key data
Literary composition is decrypted, and obtains deciphering the new password data obtaining or new key data, the new password data being obtained with described deciphering is replaced
Change described Old Password data or the new key data described old key data of replacement being obtained with described deciphering.
16. smart machines as claimed in claim 15 are it is characterised in that described first new password data ciphertext or first Xinmi City
Key data ciphertext also includes random number ciphertext, and/or, a Mac result, described smart machine also includes:
Second Modify password message receiver module, the second Modify password order being forwarded by client for the reception server
Message, wherein, server parses described random number from described random number response data, and sends described random number to client
Behind end, client is according to described Old Password data or old key data, described random number and described new password data or new key
Data, obtains new password data ciphertext or new key data ciphertext, random number ciphertext and/or a Mac result, and will include institute
State new password data ciphertext or the first new password data of new key data ciphertext, random number ciphertext and/or a Mac result is close
Literary composition or the first new key data ciphertext send to server, and server is according to described first new password data ciphertext or first Xinmi City
Key data ciphertext generates the command message of described second Modify password;
Dispersed modules, for described Old Password data or old key data and the described random number dispersion of caching, obtaining second
Temporary key data;
Random nnrber decryption module, for included to the command message of the second Modify password with described second temporary key data
Random number ciphertext is decrypted, and obtains the random number that described deciphering obtains;And/or
Message identification module, for being included to the command message of described second Modify password with described second temporary key data
New password data ciphertext or new key data ciphertext carry out message discriminating, obtain described 2nd Mac result.
17. smart machines as claimed in claim 16 are it is characterised in that described Password modified module includes:
New key data decryption unit, for the order report with the first Modify password described in described second temporary key data deciphering
New password data ciphertext or new key data ciphertext that literary composition includes, obtain new password data or new key that described deciphering obtains
Data.
18. smart machines as claimed in claim 16 are it is characterised in that described Password modified module also includes:
Comparing unit, the random number for obtaining described deciphering is compared with the described random number caching and/or will be described
2nd Mac result is compared with a described Mac result, if unanimously, the new password data being obtained with described deciphering is replaced
Change described Old Password data or the new key data described old key data of replacement being obtained with described deciphering.
19. smart machines as claimed in claim 15 are it is characterised in that described Old Password data or old key data are stored in
In the safety chip of smart machine.
A kind of 20. systems of Modify password are it is characterised in that described system includes the visitor described in any one of claim 9 to 12
Family end, the server as described in claim 13 to 14 and the smart machine as described in any one of claim 15 to 19.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610931829.2A CN106452752B (en) | 2016-10-24 | 2016-10-24 | Method, system and the client of Modify password, server and smart machine |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610931829.2A CN106452752B (en) | 2016-10-24 | 2016-10-24 | Method, system and the client of Modify password, server and smart machine |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106452752A true CN106452752A (en) | 2017-02-22 |
CN106452752B CN106452752B (en) | 2019-05-24 |
Family
ID=58177442
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610931829.2A Active CN106452752B (en) | 2016-10-24 | 2016-10-24 | Method, system and the client of Modify password, server and smart machine |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106452752B (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109446793A (en) * | 2018-09-21 | 2019-03-08 | 广州江南科友科技股份有限公司 | A kind of account based on Windows agent changes decryption method and device |
CN110445607A (en) * | 2019-08-12 | 2019-11-12 | 北京百佑科技有限公司 | Intelligent door lock key updating method, system and computer storage medium |
CN110460436A (en) * | 2019-07-12 | 2019-11-15 | 山东三未信安信息科技有限公司 | Hardware device key management method, system, storage medium and computer equipment |
US20220263661A1 (en) * | 2021-02-15 | 2022-08-18 | Sony Semiconductor Israel Ltd. | Efficient Data Item Authentication |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1972290A (en) * | 2005-11-07 | 2007-05-30 | 华为技术有限公司 | Modification method for authentication password based on SIP, subscriber proxy server and subscriber proxy client |
CN101453325A (en) * | 2007-11-30 | 2009-06-10 | 环达电脑(上海)有限公司 | Method for remotely modifying login keyword |
CN104484596A (en) * | 2015-01-07 | 2015-04-01 | 宇龙计算机通信科技(深圳)有限公司 | Method and terminal for creating password in multi-operation system |
CN104821941A (en) * | 2015-04-21 | 2015-08-05 | 南京邮电大学 | Smart card password authentication and password changing method |
CN105656864A (en) * | 2014-11-27 | 2016-06-08 | 航天恒星科技有限公司 | TCM-based key management system and management method |
CN105812357A (en) * | 2016-03-07 | 2016-07-27 | 中标软件有限公司 | User password management method for cloud computing platform |
-
2016
- 2016-10-24 CN CN201610931829.2A patent/CN106452752B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1972290A (en) * | 2005-11-07 | 2007-05-30 | 华为技术有限公司 | Modification method for authentication password based on SIP, subscriber proxy server and subscriber proxy client |
CN101453325A (en) * | 2007-11-30 | 2009-06-10 | 环达电脑(上海)有限公司 | Method for remotely modifying login keyword |
CN105656864A (en) * | 2014-11-27 | 2016-06-08 | 航天恒星科技有限公司 | TCM-based key management system and management method |
CN104484596A (en) * | 2015-01-07 | 2015-04-01 | 宇龙计算机通信科技(深圳)有限公司 | Method and terminal for creating password in multi-operation system |
CN104821941A (en) * | 2015-04-21 | 2015-08-05 | 南京邮电大学 | Smart card password authentication and password changing method |
CN105812357A (en) * | 2016-03-07 | 2016-07-27 | 中标软件有限公司 | User password management method for cloud computing platform |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109446793A (en) * | 2018-09-21 | 2019-03-08 | 广州江南科友科技股份有限公司 | A kind of account based on Windows agent changes decryption method and device |
CN109446793B (en) * | 2018-09-21 | 2021-07-20 | 广州江南科友科技股份有限公司 | Account encryption method and device based on Windows agent |
CN110460436A (en) * | 2019-07-12 | 2019-11-15 | 山东三未信安信息科技有限公司 | Hardware device key management method, system, storage medium and computer equipment |
CN110445607A (en) * | 2019-08-12 | 2019-11-12 | 北京百佑科技有限公司 | Intelligent door lock key updating method, system and computer storage medium |
US20220263661A1 (en) * | 2021-02-15 | 2022-08-18 | Sony Semiconductor Israel Ltd. | Efficient Data Item Authentication |
US11799662B2 (en) * | 2021-02-15 | 2023-10-24 | Sony Semiconductor Solutions Corporation | Efficient data item authentication |
Also Published As
Publication number | Publication date |
---|---|
CN106452752B (en) | 2019-05-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11615411B2 (en) | POS system with white box encryption key sharing | |
CN106506479B (en) | Method, system and the client of cipher authentication, server and smart machine | |
CN105162772A (en) | IoT equipment authentication and key agreement method and device | |
US20120254622A1 (en) | Secure Access to Electronic Devices | |
CN108270739B (en) | Method and device for managing encryption information | |
CN106357679B (en) | Method, system and the client of cipher authentication, server and smart machine | |
CN108809636B (en) | Communication system for realizing message authentication between members based on group type quantum key card | |
CN103036681B (en) | A kind of password safety keyboard device and system | |
CN109639697A (en) | Cloud mobile phone safe throws method, mobile terminal and the server of screen | |
CN104917807A (en) | Resource transfer method, apparatus and system | |
CN111131416A (en) | Business service providing method and device, storage medium and electronic device | |
CN106452752B (en) | Method, system and the client of Modify password, server and smart machine | |
CN102595213A (en) | Security certificate method and system of credible TV terminal | |
CN105653986A (en) | Micro SD card-based data protection method and device | |
CN107707562B (en) | Method and device for encrypting and decrypting algorithm of asymmetric dynamic token | |
CN109543434A (en) | Block chain information encryption method, decryption method, storage method and device | |
CN107070642B (en) | Heterogeneous resource pool multiplexing technology for multi-brand cipher machine | |
CN104038340A (en) | Device for generating an encrypted key and method for providing an encrypted key to a receiver | |
CN109379345B (en) | Sensitive information transmission method and system | |
CN104901803A (en) | Data interaction safety protection method based on CPK identity authentication technology | |
CN104239808A (en) | Method and device for encryption transmission of data | |
JP2014530554A (en) | Group secret management by group members | |
CN109039598A (en) | Data transfer encryption method, client and server-side | |
CN106507349A (en) | A kind of built-in terminal encryption system of software and hardware combining and encryption method | |
CN104767766A (en) | Web Service interface verification method, Web Service server and client side |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |